Configuring DNS and DHCP Services on CentOS 7
Date: 2016-11-02 22:43 Source: linux.it.net.cn Author: IT
Installing Dnsmasq
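Dnsmasq provides DNS caching and DHCP service. As a DNS server, dnsmasq caches DNS requests to speed up connections to sites that have already been visited. As a DHCP server, dnsmasq can assign internal IP addresses to computers on the LAN and provide routing. The DNS and DHCP functions can be used together or separately. dnsmasq is lightweight and easy to configure, and is suited to individual users or networks with fewer than 50 hosts. It also ships with a PXE server.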
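DHCP service overview:
Name: DHCP - Dynamic Host Configuration Protocol
Function: DHCP (Dynamic Host Configuration Protocol) is a LAN network protocol that runs over UDP and has two main uses:
1. Automatically assigning IP addresses, host names, DNS servers and domain names for an internal network or a network service provider.
2. Working with other services to provide integrated management, for example unattended server installation.
Features:
C/S (client/server) model.
IP addresses are assigned automatically, which makes management easy.
DHCP never leases the same IP address to two hosts at the same time.
A DHCP administrator can restrict specific computers to specific IP addresses.
Many options can be set for each DHCP scope.
Clients that move between subnets do not need to reconfigure their IP address; they simply obtain one automatically each time.
Drawbacks of DHCP:
When several servers exist on the network, one DHCP server cannot find out which IP addresses have already been leased by the other servers.
A DHCP server cannot communicate with clients across a router unless the router allows BOOTP forwarding.
Ports: the DHCP service uses port 67 (bootps) and port 68 (bootpc). For example, to check: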
# cat /etc/services | grep boot
Install and configure Dnsmasq
[root@vdevops ~]# yum -y install dnsmasq
[root@vdevops ~]# vi /etc/dnsmasq.conf
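# line 19: uncomment (never forward plain names)
domain-needed
# line 21: uncomment (never forward addresses in non-routed address spaces)
bogus-priv
# line 41: uncomment (query servers strictly in the order given in resolv.conf)
strict-order
# line 55: add the following line (send queries for a specific domain to a specific DNS server)
server=/linuxprobe.org/10.1.1.53
# line 123: uncomment (automatically append the domain name)
expand-hosts
# line 133: add (define the domain name)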
domain=srv.world
[root@vdevops ~]# systemctl start dnsmasq
[root@vdevops ~]# systemctl enable dnsmasq
For DNS records, add them to /etc/hosts; Dnsmasq will then answer client queries from that file.
[root@vdevops ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain vdevops.com
10.1.1.53 linuxprobe.org
# add records
10.1.1.56 vdevops.com vdevops
[root@vdevops ~]# systemctl restart dnsmasq
If the firewall is running, apply the following settings:
[root@vdevops ~]# systemctl start firewalld
[root@vdevops ~]# firewall-cmd --add-service=dns --permanent
success
[root@vdevops ~]# firewall-cmd --reload
success
Verify that a client on the internal network can resolve names and IP addresses. Run the following on another server:
[root@linuxprobe ~]# yum -y install bind-utils
Change the DNS setting to the Dnsmasq server (replace "eno16777736" with the interface name in your own environment):
[root@linuxprobe ~]# nmcli c modify eno16777736 ipv4.dns 10.1.1.56
[root@linuxprobe ~]# nmcli c down eno16777736; nmcli c up eno16777736
[root@linuxprobe ~]# dig vdevops.org
; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.4 <<>> vdevops.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30866
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;vdevops.org. IN A
;; ANSWER SECTION:
vdevops.org. 128 IN A 180.168.41.175
;; Query time: 46 msec
;; SERVER: 10.1.1.1#53(10.1.1.1)
;; WHEN: Thu Oct 27 18:07:23 CST 2016
;; MSG SIZE rcvd: 45
[root@linuxprobe ~]# dig -x 10.1.1.56
; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.4 <<>> -x 10.1.1.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13696
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;56.1.1.10.in-addr.arpa. IN PTR
;; ANSWER SECTION:
56.1.1.10.in-addr.arpa. 0 IN PTR vdevops.org.
;; Query time: 2 msec
;; SERVER: 10.1.1.56#53(10.1.1.56)
;; WHEN: Thu Oct 27 18:07:51 CST 2016
;; MSG SIZE rcvd: 65
#### Dnsmasq: Configuring the DHCP Server
Enable the integrated DHCP function in Dnsmasq and configure the DHCP server.
[root@vdevops ~]# vi /etc/dnsmasq.conf
# line 146: add (range of IP addresses to lease and term of lease)
dhcp-range=10.1.1.10,10.1.1.30,12h
# line 316: add (define default gateway)
dhcp-option=option:router,10.1.1.1
# line 325: add (define NTP, DNS server and subnet mask)
dhcp-option=option:ntp-server,10.1.1.56
dhcp-option=option:dns-server,10.1.1.56
dhcp-option=option:netmask,255.255.255.0
[root@vdevops ~]# systemctl restart dnsmasq
[root@vdevops ~]# systemctl status dnsmasq
● dnsmasq.service - DNS caching server.
   Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2016-10-27 18:14:55 CST; 6s ago
 Main PID: 7786 (dnsmasq)
   CGroup: /system.slice/dnsmasq.service
           └─7786 /usr/sbin/dnsmasq -k
Oct 27 18:14:55 vdevops.org systemd[1]: Started DNS caching server..
Oct 27 18:14:55 vdevops.org systemd[1]: Starting DNS caching server....
Oct 27 18:14:55 vdevops.org dnsmasq[7786]: started, version 2.66 cachesize 150
Oct 27 18:14:55 vdevops.org dnsmasq[7786]: compile time options: IPv6 GNU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrac…et auth
Oct 27 18:14:55 vdevops.org dnsmasq-dhcp[7786]: DHCP, IP range 10.1.1.10 -- 10.1.1.30, lease time 12h
Oct 27 18:14:55 vdevops.org dnsmasq[7786]: using nameserver 10.1.1.53#53 for domain linuxprobe.org
Oct 27 18:14:55 vdevops.org dnsmasq[7786]: reading /etc/resolv.conf
Oct 27 18:14:55 vdevops.org dnsmasq[7786]: using nameserver 10.1.1.1#53
Oct 27 18:14:55 vdevops.org dnsmasq[7786]: using nameserver 10.1.1.53#53 for domain linuxprobe.org
Oct 27 18:14:55 vdevops.org dnsmasq[7786]: read /etc/hosts - 3 addresses
Hint: Some lines were ellipsized, use -l to show in full.
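A quick audit of the settings made above, as an added example that is not part of the original article: `domain-needed` and `bogus-priv` keep unqualified names and private-range reverse lookups from being forwarded upstream, and the DHCP gateway has to sit in the same subnet as the lease pool. The function names and the embedded sample file are constructed for illustration, and the script assumes the simple IPv4 `dhcp-range=START,END,LEASE` form used here.

```sh
# Added example (not from the original article); function names are
# hypothetical. Assumes the simple IPv4 dhcp-range=START,END,LEASE form.

ip_to_int() (   # A.B.C.D -> 32-bit integer on stdout
    IFS=.; set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

same_subnet() (   # IP1 IP2 MASK -> status 0 when both share a network
    m=$(ip_to_int "$3")
    [ $(( $(ip_to_int "$1") & $m )) -eq $(( $(ip_to_int "$2") & $m )) ]
)

conf_value() {   # FILE PREFIX -> rest of the first uncommented matching line
    sed -n "s/^[[:space:]]*${2}//p" "$1" | head -n 1
}

audit_dnsmasq() (   # FILE -> one finding per line; exit status = finding count
    f=$1; n=0
    for flag in domain-needed bogus-priv; do
        grep -Eq "^[[:space:]]*${flag}[[:space:]]*\$" "$f" ||
            { echo "MISSING $flag"; n=$((n + 1)); }
    done
    range=$(conf_value "$f" 'dhcp-range=')
    if [ -n "$range" ]; then
        start=${range%%,*}; rest=${range#*,}; end=${rest%%,*}
        mask=$(conf_value "$f" 'dhcp-option=option:netmask,')
        router=$(conf_value "$f" 'dhcp-option=option:router,')
        [ "$(ip_to_int "$start")" -le "$(ip_to_int "$end")" ] ||
            { echo "BAD dhcp-range $range"; n=$((n + 1)); }
        if [ -n "$mask" ] && [ -n "$router" ] &&
           ! same_subnet "$start" "$router" "$mask"; then
            echo "BAD router $router is outside the pool subnet"; n=$((n + 1))
        fi
    fi
    exit "$n"
)

sample_conf() {   # constructed sample: the settings shown in this article
    printf '%s\n' domain-needed bogus-priv strict-order \
        'server=/linuxprobe.org/10.1.1.53' expand-hosts 'domain=srv.world' \
        'dhcp-range=10.1.1.10,10.1.1.30,12h' \
        'dhcp-option=option:router,10.1.1.1' \
        'dhcp-option=option:netmask,255.255.255.0'
}

tmp=$(mktemp); sample_conf > "$tmp"
audit_dnsmasq "$tmp" && echo "OK: no findings"
rm -f "$tmp"
```

On the server, run `audit_dnsmasq /etc/dnsmasq.conf`; the exit status is the number of findings.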
(Editor: IT)